Setup in under 5 minutes with no software to install or agents to deploy

Extensive automation delivering one-click operational simplicity

The innovative Dome9 Arc SaaS platform is designed to be the one-stop solution for easy
management of network security in large public cloud environments. Dome9 Arc offers a
complete range of capabilities that allows administrators to visualize network topology and
flows, assess security posture, detect misconfigurations and attack surface, model gold
standard policies, protect against attacks and insider threats, and conform to security best
practices on the cloud.

Manny Landron

Network Security Features

A powerful visualization tool that constructs a real-time topology of cloud assets, including security groups, instances, firewalls and more. Clarity gathers the required information and automatically categorizes cloud entities based on their exposure to the public, allowing admins to find misconfigurations and security threats and remediate them. Users can even upload CloudFormation templates (CFTs) to inspect and collaborate before deployment.

In-Place Remediation

Built-in capabilities to fix issues that can leave your cloud environment exposed, such as misconfigurations, open IP ports, and unauthorized modifications. Dome9 Arc offers intuitive management of security group policies across accounts, projects, regions and virtual networks from one place. Dome9 exposes an object-oriented approach to network management through IP lists and DNS objects, and provides rich actionable alerts and extensive audit capabilities that makes the platform the system of authority for security management.

Time-limited, on-demand access to services and ports in cloud environments, allowing administrators to adopt and maintain a closed-by default security posture without restricting access. By providing time-bound access to cloud services on an as-needed basis, Dynamic Access Leases minimize the risk of external threats by reducing the attack surface while still allowing legitimate users to get the access they need with the click of a button without having to use cumbersome security mechanisms such as VPNs.

Continuous monitoring of managed cloud environments for any changes from last known and approved state, made either through the public cloud console or via the API. The system automatically reverts unauthorized modifications to enforce a strict security gold standard at all times. All changes are audited and brought to the attention of administrators immediately.

With Region Lock, newly created security groups are imported into the Dome9 console, and their security policy rules (both ingress and egress) are automatically cleared. This mode prevents network changes from being made to security groups outside the Dome9 system, giving administrators tighter control over their security posture.